}
        if (strlen($_POST['pass1']) < 6) {
            $errors->add('password_reset_mismatch2', '密码至少6位。');
        }
        /**
         * Fires before the password reset procedure is validated.
         *
         * @since 3.5.0
         *
         * @param object           $errors WP Error object.
         * @param WP_User|WP_Error $user   WP_User object if the login and reset key match. WP_Error object otherwise.
         */
        do_action('validate_password_reset', $errors, $user);
        if (!$errors->get_error_code() && isset($_POST['pass1']) && !empty($_POST['pass1'])) {
            reset_password($user, $_POST['pass1']);
            wp_redirect(mo_get_user_rp() . '?action=success');
            exit;
        }
        // wp_enqueue_script('utils');
        // wp_enqueue_script('user-profile');
        $classactive2 = ' class="active"';
        break;
    case 'success':
        $classactive3 = ' class="active"';
        break;
}
?>
<section class="container">	
<div class="content-wrap">
	<div class="content resetpass">
		<h1 class="hide"><?php 
Exemple #2
0
    www: '<?php 
echo home_url();
?>
',
    uri: '<?php 
echo get_stylesheet_directory_uri();
?>
',
    ver: '<?php 
echo THEME_VERSION;
?>
',
	roll: <?php 
echo $roll;
?>
,
    ajaxpager: '<?php 
echo _wedn_option("ajaxpager");
?>
',
    url_rp: '<?php 
echo mo_get_user_rp();
?>
'
};
</script>
<?php 
wp_footer();
?>
</body>
</html>
Exemple #3
0
function retrieve_password()
{
    global $wpdb, $wp_hasher;
    $errors = new WP_Error();
    if (empty($_POST['user_login'])) {
        $errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.'));
    } else {
        if (strpos($_POST['user_login'], '@')) {
            $user_data = get_user_by('email', trim($_POST['user_login']));
            if (empty($user_data)) {
                $errors->add('invalid_email', __('<strong>ERROR</strong>: There is no user registered with that email address.'));
            }
        } else {
            $login = trim($_POST['user_login']);
            $user_data = get_user_by('login', $login);
        }
    }
    /**
     * Fires before errors are returned from a password reset request.
     *
     * @since 2.1.0
     */
    do_action('lostpassword_post');
    if ($errors->get_error_code()) {
        return $errors;
    }
    if (!$user_data) {
        $errors->add('invalidcombo', __('<strong>ERROR</strong>: Invalid username or e-mail.'));
        return $errors;
    }
    // redefining user_login ensures we return the right case in the email
    $user_login = $user_data->user_login;
    $user_email = $user_data->user_email;
    /**
     * Fires before a new password is retrieved.
     *
     * @since 1.5.0
     * @deprecated 1.5.1 Misspelled. Use 'retrieve_password' hook instead.
     *
     * @param string $user_login The user login name.
     */
    do_action('retreive_password', $user_login);
    /**
     * Fires before a new password is retrieved.
     *
     * @since 1.5.1
     *
     * @param string $user_login The user login name.
     */
    do_action('retrieve_password', $user_login);
    /**
     * Filter whether to allow a password to be reset.
     *
     * @since 2.7.0
     *
     * @param bool true           Whether to allow the password to be reset. Default true.
     * @param int  $user_data->ID The ID of the user attempting to reset a password.
     */
    $allow = apply_filters('allow_password_reset', true, $user_data->ID);
    if (!$allow) {
        return new WP_Error('no_password_reset', __('Password reset is not allowed for this user'));
    } else {
        if (is_wp_error($allow)) {
            return $allow;
        }
    }
    // Generate something random for a password reset key.
    $key = wp_generate_password(20, false);
    /**
     * Fires when a password reset key is generated.
     *
     * @since 2.5.0
     *
     * @param string $user_login The username for the user.
     * @param string $key        The generated password reset key.
     */
    do_action('retrieve_password_key', $user_login, $key);
    // Now insert the key, hashed, into the DB.
    if (empty($wp_hasher)) {
        require_once ABSPATH . 'wp-includes/class-phpass.php';
        $wp_hasher = new PasswordHash(8, true);
    }
    $hashed = $wp_hasher->HashPassword($key);
    $wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user_login));
    $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n";
    $message .= network_home_url('/') . "\r\n\r\n";
    $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
    $message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
    $message .= network_site_url(mo_get_user_rp() . "?action=resetpass&key={$key}&login="******"<br />\n" . __('Possible reason: your host may have disabled the mail() function.'));
    }
    return true;
}